An Android system is becoming one of the most popular application platforms worldwide. Development of an Android platform is one of its numerous advantages, and the platform for development allows any mobile terminal manufacturer to participate in development of Android applications. Prominent openness allows the Android platform to have more developers, and as users and applications gradually increase, the applications of the Android platform become plentiful. These different applications can meet various needs of different users, and give users more experience.
The Android operating system has a mechanism of shared user identifier (sharedUserId): after an installation package .apk file of an application is installed in the system, the application downloads an application plug-in in the background, and prompts a user to install the downloaded application plug-in; if the user chooses to install the plug-in and the application plug-in requests to share a user identifier, it is determined whether the same sharedUserId is already recorded in a current packages.xml file of the system, and if the same sharedUserId is already recorded in the current packages.xml file, information about a signature certificate corresponding to the existing sharedUserId is extracted; and when the information about the signature certificate is consistent with that of the to-be-installed application, the to-be-installed application is allowed to share the same sharedUserId with an already installed application, and all permissions that the to-be-installed application applies for are extracted and are added to a permission list of the sharedUserId; in this way, the to-be-installed application can share one sharedUserId with the already installed application, thereby achieving an objective of sharing a permission with the already installed application, and the original application also obtains all permissions of the new application.
When a newly installed application shares a sharedUserId with an already installed application, if a user chooses to install the new application, the previously installed application obtains all permissions of the newly installed application. Because in the Android system, an application can access information, such as an address book, a short message service message, or a picture, of a user by applying for a corresponding permission, after installing the new application, the user cannot learn a risk brought by adding, by the newly installed application, a permission to the already installed application, thereby lowering security.